PAM how to guide

Version 1

    This is for debian install, but you can use for many installs.

     

     

    Install openfire and configure normally.

     

    in the OS...

     

    #useradd admin

     

    #passwd admin

     

    Put the same passwd that you put in Openfire admin web..

     

    cd /usr/share/openfire/lib (or you lib of openfire)

     

    wget https://maven.atlassian.com/public/com/cenqua/shaj/shaj/0.5/shaj-0.5.jar

     

    cd /tmp

    wget openfire_3_6_3.tar.gz

     

    unzip a get the file openfire/resources/nativeAuth/linux-i386/libshaj.so

     

    copy to /usr/share/openfire/lib

     

    create the autentication for pam

     

    cat /etc/pam.d/openfire

     

    auth    required        pam_unix.so nullok_secure

     

    Modify openfire to use NativeAuth.

     

    in AdminWeb http://127.0.0.1:9090/server-properties.jsp

     

    modify:

     

    nativeAuth.domain=openfire

     

    provider.auth.className=org.jivesoftware.openfire.auth.NativeAuthProvider
    provider.user.className=org.jivesoftware.openfire.user.NativeUserProvider

     

    the last step. must modify the group of openfire user to use PAM auth with all users: if not use this only can use one user "openfire".. this is for authenticate all users.

     

    modify the group of the openfire user to shadow:

     

    usermod -g shadow openfire

     

    modify the "/etc/init.d/openfire" <- be sure that openfire start in the group shadow

     

    the lines..

     

    start() {
            start-stop-daemon --start --quiet --background --make-pidfile \
                    --pidfile /var/run/$NAME.pid --chuid openfire:shadow \
                    --exec $JAVA -- $DAEMON_OPTS
    }

     


    See, put the shadow group!!!!!!

     

    regards!

     

    #